XSF Discussion - 2022-01-10


  1. Neustradamus

    larma: Have you already looked here? - https://about.psyc.eu - http://www.psyced.org/

  2. edhelas

    https://news.ycombinator.com/item?id=29871358

  3. yushyin

    just saw that too :)

  4. Neustradamus

    :)

  5. edhelas

    And it didn't took that long for the Matrix guy to say how bad is XMPP :p

  6. phryk

    Are polls (i.e. multiple choice votes) somehow doable with some existing XEP?

  7. phryk

    Only thing that would spring to mind for me would be the forms extension plus custom server-side logic. But I think only gajim really supports forms…

  8. Ge0rG

    phryk: yeah, that's about it.

  9. mathieui

    There is the quick action xep or something

  10. edhelas

    basically implement Message Reactions and do polls with emojis :p

  11. mathieui

    Quick response* xep-0439

  12. edhelas

    MattJ i'm interested by your "account access delegation" feature indeed :)

  13. MattJ

    More details soon :)

  14. edhelas

    such teasing

  15. mathieui

    (But no public client supports quick response, AFAIK, though I did an implementation in slixmpp)

  16. MattJ

    edhelas, haven't formally signed anything with NLnet yet, so it feels premature to promise things until then. But it's no secret I've been wanting to improve this (account access and device/client management) for some time :)

  17. yushyin

    edhelas, yes, saw the one person with the bad understanding about e2ee and key exchanges. too bad that this matrix per-user e2ee and the matrix feature to _share keys_ with other clients lead to this https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40823

  18. dwd

    Zash, Broadly speaking, yes, any fastenish thing needs "deep" work on the MAM storage layer. Also any Inboxish thing, which is required (I think) for thin web clients to be efficient.

  19. dwd

    phryk, There's some bits of what you need for polls. But I think ideally we need not only forms, but "updatable messages" (or microapps), where a pubsub update can update the rendering of a preexisting message. So you'd present a poll (as form? with quick response? something else?) and by "magic", responses to the form would cause a pubsub event to update your client's view of the message. Perhaps?

  20. phryk

    dwd, pubsub can already be used for autoupdating views of ~some data~?

  21. phryk

    mathieui, thanks, that looks like it'd be a solid fallback for input even if forms end up broadly adopted.

  22. edhelas

    > Isn't that Jabber? Haven't heard of XMPP in a while.

  23. edhelas

    :D

  24. yushyin

    :D

  25. dwd

    phryk, No, or at least yes but nothing in the standards for it.

  26. dwd

    phryk, If we had all the budget in the world, I'd do polls as sandboxed HTML+JS with APIs for pubsub publishes and events. But we don't have *any* of that beyond pubsub itself. :-)

  27. phryk

    oh god, please no js in xmpp.

  28. kurisu

    if I had all the budget in the world I'd kill HTML+JS with fire like the cancer that it is

  29. dwd

    phryk, Oh, we're in daydream mode, right, so we can have them signed and you can trust only certain publishers or something.

  30. kurisu

    js in xmpp is more like nightmare mode

  31. dwd

    kurisu, Why? Genuine question.

  32. phryk

    dwd, still, i don't want a goddamn browser engine in my client in order to be able to participate properly ::F

  33. dwd

    phryk, It does make things pretty heavyweight, yes. If essentially any message could spawn an entire HTML+JSS sandbox environment, it'd put Chrome to shame.

  34. phryk

    if xmpp integrates js, I'll drop it like a hot radioactive potato.^^

  35. jonas’

    holy smokes what happened here

  36. kurisu

    dwd, because it's effectively google's proprietary platform at this point. Not to mention the browser which is supposed to be just an http client + a viewer of some goddamn formatted text with forms now takes more to compile than the entire rest of my distro combined - if this isn't bloat, I don't know what is. Note how I say *the* browser because there's hardly any difference between them at this point, it's all a proprietary platform of google and its evil friends

  37. dwd

    kurisu, OK, but the notion of combining a display language and a scripting language with a constrained API, packaging up microapps into messaging itself is OK, or not?

  38. jonas’

    no?

  39. jonas’

    that sounds like the same misdirection the web took

  40. dwd

    jonas’, It did make the web very useful, mind.

  41. jonas’

    also very misuseful

  42. dwd

    jonas’, And we wouldn't be running about making XMPP web clients with video calling if it hadn't taken that path.

  43. jonas’

    instead, we'd polish the calling functionality the clients already had a decade ago

  44. dwd

    jonas’, That's probably wishful thinking. WebRTC didn't exist back then, yet we still had largely non-functional and non-interoperable calling then.

  45. jonas’

    maybe

  46. dwd

    jonas’, Video calling, in particular, was basically borked. We had voice, though.

  47. jonas’

    dwd, so integrating some kind of scripting language is a massive barrier for application development

  48. jonas’

    you need runtimes for that language on all platforms (the mobile and web ones will be extra fun to deal with), and that needs to be sandboxed properly

  49. dwd

    jonas’, I can see that. Especially as being the community we are, we're have to pick something insanely esoteric.

  50. jonas’

    I think the sanest choice would be webasm.

  51. dwd

    I rest my case.

  52. jonas’

    cut away all the javascript cruft, go right with webasm asa runtime.

  53. jonas’

    it should provide all sandboxing and there exists lots of tools to compile to it

  54. jonas’

    it's supported by browsers

  55. jonas’

    it should be usable on mobile one way or another

  56. jonas’

    I don't like the taste of microapps still.

  57. jonas’

    it's not how I (want to) use IM.

  58. jonas’

    but *if* one would want to do it, webasm with access to the message and possibly IQs to the sender in some circumstances would probably the sanest way to do it.

  59. dwd

    I think the simplest generic platform you could build polls on would be some kind of templating system - and maybe forms with the display stuff is sufficient? - with a kind of encapsulated pubsub driving it, tied to a single node.

  60. dwd

    Troulbe is, I don't know what else you could build with that that's of any use.

  61. Link Mauve

    Wait wait wait, what would you want to integrate JS or wasm for in my XMPP client?

  62. jonas’

    :D

  63. dwd

    Otherwise, you need scripting. And the reason I actually quite like the notion of microapps is that a lot of innovation has occured in things like Slack Apps that looks really interesting.

  64. jonas’

    Link Mauve, wasm, no JS!

  65. Link Mauve

    jonas’, that’s already much more sensible, but… why?!

  66. dwd

    Link Mauve, Obviously it'd have to be LUA.

  67. Link Mauve

    OH NO, NOT LUA. :p

  68. Link Mauve

    I WOULD HAVE FLASHBACKS FROM SQL. :p

  69. jonas’

    dwd, how much of that would work well in any way in XMPP, given that the wire format has nearly no control over the presentational layer since we dropped XHTML-IM?

  70. dwd

    Link Mauve, Oh, SQL-over-pubsub, new XEP coming.

  71. dwd

    jonas’, Well, yes, that's a whole other problem. We could go Slack's "blocks", mind, which is almost what we have with XEP-0141 et al.

  72. dwd

    I mean, I guess there's XEP-0336 too.

  73. Link Mauve

    dwd, XEP-0043 you mean?

  74. dwd

    Link Mauve, Wow. "Retracted", because we don't have a state for "Burned with Fire".

  75. Link Mauve

    :D

  76. Link Mauve

    Wow, the DTD is fully unreadable in our dark theme.

  77. Link Mauve

    Purple on dark grey.

  78. jonas’

    did you mean: Mauve on dark grey?

  79. dwd

    Link Mauve, That's to protect your eyesight.

  80. dwd

    jonas’, I see what you did there.

  81. Link Mauve

    :3

  82. dwd

    But anyway, yes, little somewhat-scriptable dynamic messages. Microapps, whatever. We could probably do them without any client-side scripting, or at least with something so restrictive it was a case of "If the user actuates this button send this". But it'd be nice to get something that'd handle, say, polls, or giphy, or whatever else people think up without having to have everything hard-coded into the clients.

  83. Link Mauve

    There: https://github.com/xsf/xeps/pull/1147

  84. jonas’

    dwd, buttons?!

  85. Link Mauve

    dwd, isn’t giphy just a video player?

  86. jonas’

    Link Mauve, it's also a selectino tool on the sender side

  87. Link Mauve

    Like Movim’s thingy?

  88. jonas’

    possibly, I never used movim

  89. Link Mauve

    And you’d do that by… having some entity send you wasm code and execute it in your client? :x

  90. Link Mauve

    Can I opt out from this future right now?

  91. Link Mauve

    Movim says it’s using Tenor for the video search engine.

  92. jonas’

    ah yes

  93. Link Mauve

    https://tenor.com/ this one.

  94. Link Mauve

    So the limited wasm API would still give said external entity on the network access to arbitrary HTTP requests, video decoding, message sending, and what more?

  95. Link Mauve

    So the limited wasm API would still give said external entity on the network access to arbitrary HTTP requests, video decoding, widget drawing, message sending, and what more?

  96. jonas’

    I was proposing giving it access only to the message containing the wasm payload, plus maybe IQs to the sender address in response to user interaction.

  97. jonas’

    hence, "what is that even useful for given the really low amount of presentational layer influence the wire protocol has"

  98. Link Mauve

    Right.

  99. dwd

    Link Mauve, I'd probably avoid that for preference, and tie communications back to a fixed source endpoint and - probably - asking permission to send a specific message.

  100. Link Mauve

    So that takes giphy and external polls out.

  101. jonas’

    Link Mauve, though loading a snippet of wasm to run in your message text prompt would also be interesting

  102. Link Mauve

    (If giphy is like tenor.com’s integration into Movim.)

  103. dwd

    Link Mauve, Don't think so? Means that the microapp provider has to mediate all communication to third parties, though.

  104. jonas’

    then it should just be able to render a preview message based on your input

  105. jonas’

    and by render I mean provide the message stanza

  106. jonas’

    then your client can render the preview from that

  107. jonas’

    (with the client stripping all things it doesn't know about)

  108. jonas’

    the wasm could generate multiple variants (in the tenor case, multiple matching videos) and let you pick one of them.

  109. jonas’

    then you had a wasm thing which is already quite useful to actually do things

  110. Link Mauve

    Aaaaaaah, Movim lets those videos play sound as well! >_<

  111. Link Mauve

    I hate it I hate it I hate it I hate it.

  112. Link Mauve

    edhelas, ↑

  113. Link Mauve

    It even loops, with audio.

  114. Link Mauve

    And no way to stop it.

  115. Link Mauve

    Great UX you have here. ^^'

  116. Link Mauve

    jonas’, so, the wasm thing would let any external entity play sound in your client, with no way to do anything against it? :p

  117. dwd

    Link Mauve, Well, you can have a permissioning system to allow/deny audio, I suppose, but in any case, I'm beginning to wonder if it's even required to have a real scripting language, or if we can just handle UI events by passing messages and optionally replacing the entire microapp UI.

  118. Link Mauve

    Like the abuse of 0308 we did a while ago in poezio?

  119. dwd

    I don't know about that. But given what I can guess, maybe.

  120. Link Mauve

    Test of <marquee/>.

  121. Link Mauve

     Test of <marquee/>.                   

  122. Link Mauve

      Test of <marquee/>.                  

  123. Link Mauve

       Test of <marquee/>.                 

  124. Link Mauve

        Test of <marquee/>.                

  125. Link Mauve

         Test of <marquee/>.               

  126. Link Mauve

          Test of <marquee/>.              

  127. Link Mauve

           Test of <marquee/>.             

  128. Link Mauve

            Test of <marquee/>.            

  129. Link Mauve

             Test of <marquee/>.           

  130. Link Mauve

              Test of <marquee/>.          

  131. Link Mauve

               Test of <marquee/>.         

  132. Link Mauve

                Test of <marquee/>.        

  133. Link Mauve

                 Test of <marquee/>.       

  134. Link Mauve

                  Test of <marquee/>.      

  135. Link Mauve

                   Test of <marquee/>.     

  136. Link Mauve

                    Test of <marquee/>.    

  137. Link Mauve

                     Test of <marquee/>.   

  138. Link Mauve

                      Test of <marquee/>.  

  139. Link Mauve

                       Test of <marquee/>. 

  140. Link Mauve

                        Test of <marquee/>.

  141. Link Mauve

    .                    Test of <marquee/>

  142. Link Mauve

    >.                    Test of <marquee/

  143. Link Mauve

    />.                    Test of <marquee

  144. Link Mauve

    e/>.                    Test of <marque

  145. Link Mauve

    ee/>.                    Test of <marqu

  146. Link Mauve

    uee/>.                    Test of <marq

  147. Link Mauve

    I love it. :D

  148. Link Mauve

    quee/>.                    Test of <mar

  149. Link Mauve

    rquee/>.                    Test of <ma

  150. Link Mauve

    arquee/>.                    Test of <m

  151. Link Mauve

    marquee/>.                    Test of <

  152. dwd

    I'm not seeing those as '308...

  153. Link Mauve

    Oh?

  154. dwd

    I see one correction followed by a ton of subsequent messages...

  155. Link Mauve

    Oh, perhaps the plugin didn’t get updated to the new semantics of 0308.

  156. Link Mauve

    I’ll have a look someday, maybe.

  157. dwd

    In any case, congratulations, you've discovered something worse than spontanetously playing audio.

  158. lskdjf

    Link Mauve wrote "I love it" in between the corrections. Perhaps the corrections afterwards are be applied to the original marque test message, however it's not the last message anymore. Thus, last message corrections aren't accepted anymore.

  159. dwd

    lskdjf, No, I got a load of non-corrections prior to that.

  160. lskdjf

    hm. For me, all corrections prior to "I love it" applied fine.

  161. jonas’

    :D

  162. dwd

    Ah, interop will be easy, they said...

  163. jonas’

    I love marquee :)

  164. dwd

    jonas’, I mean, I hate it, but I love that it's (almost?) possible to do.

  165. Link Mauve

    lskdjf, oh, so you have the one client doing a check for Last message correction, while other clients implement arbitrary message correction.

  166. dwd

    jonas’, I'd just like some other facilities to do more complex things like polls etc. XEPs actually built to abuse, if you like.

  167. dwd

    I mean, the XSF Memberbot could be written as a Slack App. Obviously it'd be ironic to do so, but you could easily enough, I think, write an app that people could see, discover, and vote on, and that would provide all the links etc. And I think that's a more powerful mechanism than anything we have right now.

  168. mjk

    Link Mauve: is it *one* though? I'd hope more clients aside to Conversations do _last_ message correction

  169. lskdjf

    mjk, Dino also accepts the last message for correction only.

  170. mjk

    Whew

  171. mjk

    Anyway, this whole conversation was a pretty traumatic rollercoaster. Javascript in stanzas? Check. Chromium in Poezio? Check. Multimedia on autoplay? Check. Trusted stanza execution environment next?

  172. jonas’

    mjk, webasm in sgx in stanzas!

  173. jonas’

    and smart contracts!

  174. mjk

    Webasm sounds much more benign than requiring an intel x86 cpu to poll on things

  175. jonas’

    :D

  176. jonas’

    12:12:13 jonas’> it's not how I (want to) use IM.

  177. mjk

    Amen

  178. mjk

    ~Amen~ So say we all

  179. jonas’

    but with my council hat on, if members of the XMPP ecosystem want something like that, I feel obliged to guide them to non-terrible choices

  180. jonas’

    (like wasm over javascript)

  181. Link Mauve

    No matter the hat I wear, yes to that.

  182. mjk

    Link Mauve: btw, what is that Lua-related trauma you seem to have

  183. jonas’

    I think the trauma might've been LUA related…

  184. mjk

    Ah, I suspected that

  185. Zash

    I see you had a Lua Uppercase Accident

  186. jonas’

    I'm convinced it wasn't an accident

  187. mjk

    On a related note, there seem to be some impostor xmpp client circulating in the ecosystem, referred to as DINO. User discretion is advised

  188. moparisthebest

    Nothing is more annoying than "signal doesn't know who sent what to whom!!!!"

  189. moparisthebest

    They have to, to deliver it

  190. moparisthebest

    The fact that they have a bunch of fancy mumbo jumbo that boils down to "we pinky promise not to look or remember" is neither here nor there

  191. Zash

    Looks good in marketing

  192. moparisthebest

    Vs XMPP where jabber.de indeed has no idea who I'm communicating with on not-jabber.de

  193. moparisthebest

    If "privacy" people can't grasp this simple concept maybe they should just communicate over SMS

  194. mjk

    But RCS is morw private!!11 Google promised not to look!

  195. Zash

    But your evil admin is all-knowing and spies on everything!

  196. Sam

    I'm sure some people misrepresent this as "signal doesn't know where a message is going", which is not true, but they do a lot to obscure where it's *coming from", maybe we should actually make something similar instead of pretending this has no value.

  197. Sam

    Sure, it's not as perfect as the HN crowd seems to think, but they're not wrong that it's a lot better than what we do (assuming that hiding that metadata is actually one of your goals)

  198. mjk

    > they do a lot to obscure where it's *coming from" TIL

  199. Zash

    I'm happy knowing which server knows what.

  200. kurisu

    >vs XMPP where jabber.de indeed has no idea who I'm communicating with on not-jabber.de wut you mean xmpp server doesn't know who you're communicating with?

  201. Ge0rG

    Sam: but in the end they are only obscuring it, there is no techincal way to prevent them associating both sender and recipient phone numbers to any given message blob

  202. Zash

    Sealed sender is probably more secure in a federated system, but oh so many things break

  203. Sam

    Ge0rG: I don't think that's true at all; the "from" payload that authenticated you is completely obscured from Signals servers, it's part of the e2e bundle

  204. Sam

    Sealed sender, that's what it was called; let me see if I can find the blog post.

  205. Sam

    It has been a few years since it came out, so I don't really remember the details well

  206. Sam

    https://signal.org/blog/sealed-sender/

  207. Sam

    They just know "some unauthenticated TCP connection uploaded a bundle, we should deliver it and the remote client can authenticate it"

  208. Zash

    Your own server doesn't strictly need to know the recipient identity either, only their server.

  209. Sam

    Obviously there are all kinds of data correlation attacks you could still do (this IP uploads bundles to this user a lot, maybe it's this other person who also uploads bundles to this user) but that's still a significant improvement

  210. kurisu

    actually hiding metadata is possible in a p2p chat app. As an example one can quite easily build a chat app over Freenet where absolutely no one but the sender and receiver will know who those are; however with Freenet messages will take a few minutes to deliver so it isn't viable 🙂 IIRC in bitmessage senders are actually concealed and it works sort of but is heavy on cpu and I don't remember if messages are instant

  211. Sam

    I keep thinking about that. If my server knows who I am and the server I'm sending to, but not the user on that server, and the other server knows what server delivered it but not who it was from that would be pretty nice (although it would encourage centralization and more users on a server if you wanted that privacy so you could blend in with the crowd)

  212. Ge0rG

    That would be some interesting XML onion.

  213. Sam

    oh yah, I'm sure it would be very ugly however it works

  214. Sam

    I guess that's more what Tor does than what Signal does. Might be possible to do vaguely what signal does too

  215. msavoritias

    There is also briar that works in a mobile context and p2p. And tries to hide metadata. Obviously it fits a specific use case but some stuff from the metadata and the delay tolearnt capability would be interesting.

  216. moparisthebest

    Sam, it seems fairly clear that signal *could* track exactly which account each message came from though, right ?

  217. dwd

    "sealed sender" on XMPP would be an interesting challenge, because either you can upload bundles to any federated XMPP server, or else you've got to authenticate them to prevent (I think) various abuse cases.

  218. dwd

    And if you can authenticate them at all, you can (in principle) track identity. Well, maybe. And if you use tokens shared between clients, they could pass those tokens around and ew.

  219. dwd

    (By "maybe", I mean, you definitely could, though you might promise not to).

  220. mdosch

    You could hide the sender from the receiving server with some onion like layer model. And hide the receiver from the sending server.

  221. dwd

    Yeah, you'd want something akin to Tor relays, wouldn't you?

  222. dwd

    I mean, it's all possible, just not using the model that Signal use.

  223. dwd

    And I suspect with the right data gathering of the data they do have, it'd be fairly easy to guess the senders correctly in most cases.

  224. moparisthebest

    I think it'd be fairly easy to only tell your server the receiving server instead of full recipient JID

  225. moparisthebest

    The problem is, this is useless for people using the same server

  226. dwd

    moparisthebest, Yes, that for sure. For basic messaging. Presence gets a bit trickier.

  227. moparisthebest

    And also almost useless for very small servers

  228. dwd

    moparisthebest, Well, no, it doesn't, but you end up making trade-offs about who is applying ACLs and yuck. We had a big argument about this kind of thing about a decade and a half ago.

  229. moparisthebest

    But I guess signal uses it as a "feature" so if we are just after the marketing...

  230. dwd

    Yes, as the number of users on a server tends to one, it becomes irrelevant.

  231. dwd

    moparisthebest, I'd hope we do more than marketing, yes.

  232. moparisthebest

    Right, but that's why we don't have such a feature, it's mainly useful for marketing, not what people actually care about

  233. dwd

    And of course, this only really applies to pure consumer messaging. When you're dealing with organisations, it's a different model, and you might only want encryption and metadata hiding from the edges out.

  234. moparisthebest

    See also: disappearing messages & time limited messages

  235. dwd

    moparisthebest, In my world (my current world, I'm departing it probably forever at the end of the month), the problem would be that any use of such a system would carry the implication that you are, indeed, worth watching very closely. (And Armour Comms does do "message burn", e2ee (by some definitions), etc).

  236. Ellenor Malik

    dwd: are you ok?

  237. Ellenor Malik

    wording of message seemed ominous

  238. dwd

    I mean job/industry, not life! Going back to health instead. Similar issues but without nation states trying to kill my users quite so much. :-)

  239. Holger

    dwd: With or without Erlang?

  240. jonas’

    killing users with erlang?

  241. jonas’

    sounds about right

  242. Holger

    dwd survived so far.

  243. guus.der.kinderen

    but did his users?

  244. Holger

    It's fault-tolerant. If some users are killed, this won't affect the rest of us whatsoever.

  245. koreamafia7

    hello

  246. koreamafia7

    hello

  247. koreamafia7

    k

  248. koreamafia7

    kvcx

  249. koreamafia7

    f

  250. koreamafia7

    d

  251. koreamafia7

    f

  252. koreamafia7

    df

  253. koreamafia7

    d

  254. koreamafia7

    i question

  255. jonas’

    ask your question or stop spamming

  256. koreamafia7

    ok sorry my mistack

  257. koreamafia7

    *misstake

  258. dwd

    Holger, Also, users can be replaced at runtime without anyone noticing.

  259. bung

    Which software need help. I will learning language. Now ı am learning Python.

  260. Zash

    bung: You can find software listed under https://xmpp.org/software/

  261. moparisthebest

    emus, newsletter material "5.9 billion new XMPP users this month" https://blog.jmp.chat/b/2022-jabber-xmpp-from-sms

  262. moparisthebest

    5.9 billion was the first estimate I found searching for number of SMS users, mix with a little bit of Matrix math, done...

  263. mjk

    Now *that's* a clickbait

  264. mjk

    > Matrix math I see what you did there

  265. emus

    moparisthebest: can you make a PR? or add to the pad?

  266. Zash

    Put _that_ in your HN pipe and smoke it

  267. moparisthebest

    hey if we are going to go all-in how many email users are there... https://smtp.cheogram.com/

  268. moparisthebest

    "I have therefore determined everyone who has ever touched an electronic device is an XMPP user"

  269. Zash

    Relevant: https://xkcd.com/802/